WordPress 4.9.1 is now available. This is a security and maintenance release for all versions since WordPress 3.7. We strongly encourage you to update your sites immediately. WordPress versions 4.9 and earlier are affected by four security issues which could potentially be exploited as part of a multi-vector attack. As part of the core team’s […]
WordPress 4.9.1 Security and Maintenance Release Read More »
cPanel TSR-2017-0006 Full Disclosure SEC-236 Summary Add ‘ssl’ to the list of reserved usernames. Security Rating cPanel has assigned this vulnerability a CVSSv3 score of 2.4 CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N Description When cre…
cPanel TSR-2017-0006 Full Disclosure Read More »
cPanel TSR-2017-0006 Announcement cPanel has released new builds for all public update tiers. These updates provide targeted changes to address security concerns with the cPanel & WHM product. These builds are currently available to all customers v…
cPanel TSR-2017-0006 Announcement Read More »
WordPress 4.8.3 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. WordPress versions 4.8.2 and earlier are affected by an issue where $wpdb->prepare() can create unexpected and unsafe queries leading to potential SQL injection (SQLi). WordPress core is not directly vulnerable to […]
WordPress 4.8.3 Security Release Read More »
cPanel & WHM versions 56 & 60 have reached End of Life and will no longer be supported by cPanel except when upgrading to a supported version. In accordance with our EOL policy (https://go.cpanel.com/longtermsupport), 56 & 60 will continue …
cPanel & WHM Versions 56 & 60 Now EOL Read More »
SUMMARY cPanel, Inc. has released updated RPMs for EasyApache 4 on October 16, 2017, with a patch for Passenger. We strongly encourage all Passenger users to update their system to obtain the patch. AFFECTED VERSIONS All versions of Passenger DESCRIPTI…
EasyApache 2017-10-16 Security Release Read More »
WordPress 4.8.2 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. WordPress versions 4.8.1 and earlier are affected by these security issues: $wpdb->prepare() can create unexpected and unsafe queries leading to potential SQL injection (SQLi). WordPress core is not directly vulnerable to this […]
WordPress 4.8.2 Security and Maintenance Release Read More »
cPanel TSR-2017-0005 Full Disclosure SEC-276 Summary SQL injection in eximstats processing. Security Rating cPanel has assigned this vulnerability a CVSSv3 score of 5.3 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N Description When processing eximstats updates in buffered mode, errors in the SQL operations cause the updates to be reprocessed one statement at a time. The logic …
cPanel TSR-2017-0005 Full Disclosure Read More »
cPanel TSR-2017-0005 Announcement cPanel has released new builds for all public update tiers. These updates provide targeted changes to address security concerns with the cPanel & WHM product. These builds are currently available to all customers via the standard update system. cPanel has rated these updates as having CVSSv3 scores …
cPanel TSR-2017-0005 Announcement Read More »
SUMMARY cPanel, Inc. has released updated RPMs for EasyApache 4 on September 6, 2017, with PHP versions 7.0.23 and 7.1.9 and RubyGems 2.6.13. This release addresses vulnerabilities related to CVE-2017-12932, CVE-2017-0902, CVE-2017-0899, CVE-2017-0900, and CVE-2017-0901. We strongly encourage all all PHP 7.0 users to upgrade to version 7.0.23, all PHP …
EasyApache Sept 6 2017 Maintenance Release Read More »
